Mercurial > vim

diff src/libvterm/src/state.c @ 20875:88cec48503b8 v8.2.0989

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
patch 8.2.0989: crash after resizing a terminal window Commit: https://github.com/vim/vim/commit/a6e8bf2d8929ef52eeda495e0e0c3d2bff8f5830 Author: Bram Moolenaar <Bram@vim.org> Date: Tue Jun 16 20:58:07 2020 +0200 patch 8.2.0989: crash after resizing a terminal window Problem: Crash after resizing a terminal window. (August Masquelier) Solution: Add check for valid row in libvterm. (closes https://github.com/vim/vim/issues/6273)
author Bram Moolenaar <Bram@vim.org>
date Tue, 16 Jun 2020 21:00:05 +0200
parents a4652d7ec99f
children 5c6a6b5a3330
line wrap: on
line diff
--- a/src/libvterm/src/state.c
+++ b/src/libvterm/src/state.c
@@ -16,6 +16,12 @@ static int on_resize(int rows, int cols,
 static void putglyph(VTermState *state, const uint32_t chars[], int width, VTermPos pos)
 {
   VTermGlyphInfo info;
+
+  if (pos.row >= state->rows)
+  {
+    DEBUG_LOG2("libvterm: putglyph() pos.row %d out of range (rows = %d)\n", pos.row, state.rows);
+    return;
+  }
   info.chars = chars;
   info.width = width;
   info.protected_cell = state->protected_cell;
@@ -283,6 +289,11 @@ static int on_text(const char bytes[], s
 
   VTermPos oldpos = state->pos;
 
+  if (state->pos.row >= state->rows)
+  {
+    DEBUG_LOG2("libvterm: on_text() pos.row %d out of range (rows = %d)\n", state->pos.row, state.rows);
+    return 0;
+  }
   // We'll have at most len codepoints, plus one from a previous incomplete
   // sequence.
   codepoints = vterm_allocator_malloc(state->vt, (len + 1) * sizeof(uint32_t));